European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS: Vote here . Yes, it is a Google Form… but there is no malware or spam 🙂 Don’t forget to vote IT_SecurityNews! The seventh annual European Cybersecurity Blogger Awards sponsored by Qualys and powered by Eskenzi PR, will be bestowed upon the best cybersecurity bloggers, podcasters, Tweeters, Instagrammers and vloggers in a live virtual event on Tuesday 2nd June 2020. Visit IT Security news and the Twitter account.
A trackback is one of four types of linkback methods for website authors to request notification when somebody links to one of their documents. This enables authors to keep track of who is linking to their articles. Some weblog software, such as SilverStripe,WordPress, Drupal, and Movable Type, supports automatic pingbacks where all the links in a published article can be pinged when the article is published. The term is used colloquially for any kind of linkback. A trackback is an acknowledgment. This acknowledgment is sent via a network signal (ping) from the originating site to the receiving site. The receptor often publishes a link back to the originator indicating its worthiness. Trackback requires both sites to be trackback-enabled in order to establish this communication. Trackbacks are used primarily to facilitate communication between blogs; if a blogger writes a new entry commenting on, or referring to, an entry found at another blog, and both blogging tools support the TrackBack protocol, then the commenting blogger can notify the other blog with a “TrackBack ping“; the receiving blog will typically display summaries of, and links to, all the commenting entries below the original entry. This allows for conversations spanning several blogs that readers…
I wrote in the post Do you really know who’s visiting your website? about how often hackers probe my websites. IT Security News has of today this: 5,914 blocked malicious login attempts / was 2092 on May 8th 2,182 spam comments blocked by Akismet. / was 2115 on May 8th The login attempts more than doubled in just 5 weeks. Of course, they are all automated attacks, so we can’t really speak of an effort from anyone’s site. Why ? If a hacker “owns” a website he is able to do a few things: Change content and possible deliver malware to your readers Host individual “sub-pages” or “sub-websites” in your blog and reference them from email campaigns or post spams. Send mail from your blog to just anyone, but the worst is when it sends to your subscribers. All are very bad things as they ruin your website’s reputation and drives your visitors away. And they can happen all together or just any combination of them. What can you do? It turns out that you can do quite a lot of things: don’t user the default admin account (WordPress: admin) set a hard to guess password keep your blog and its extensions/plugins up to date don’t install…
My blog post “What is a security expert?” which I published in the (ISC)2 Blog was mentioned in the (ISC)2 EMEA Newsletter: Germany’s Sorin Mustaca, CSSLP takes an analytic look at what it means to be an information security professional, also on the (ISC)² Blog
I added a new widget on the right side of the blog which allows someone to follow my posts.
Starting as of today, I enabled the comments on my blog sorin-mustaca.com . It is an experiment to see if someone really posts and to see also how much spam do I get.
I finally found some time to change the website from the old design in dark colors to a WordPress (statical) blog. The new design is simpler and it is only on one single level. I got rid of all the old things and left only what is relevant. Here is the structure with links: Home – main page Management – will contain infos about product management and project management About – some infos about me Blog – link to this blog Pets – some pictures of my favorite pets Photography – random selection of my photos on Flickr Reading – random selection of the books I own(and have read) from mylibrarything.com Writing – selection and links to articles, interviews and other things I wrote Twitter – the content of my Twitter account
Just stumbled upon this blog post from Symantec http://www.symantec.com/connect/blogs/spammers-introduce-new-email-internet-headers where an absolutely normal spam process is described. Unfortunately for the author who clearly doesn’t understand Romania, he copied/pasted all headers, even those which he doesn’t understand. So, he copied all kind of bad words, things which you usually wouldn’t publish in a serious blog. I will not publish them here because this is my blog and I respect my readers, especially in this case, the Romanian readers. I let you alone read the funny post 🙂 Have fun !
Since I heard the first time about AMTSO (Anti Malware Testing Standards Organization), in one of the VB Conferences (I think two years ago), I asked myself whether or not this association makes sense. I’ve heard later on that Avira is also part of it. But, I simply forgot about this issue. I recently started to hear a lot of noise about this issue, saying that AMTSO represents only the interests of the AV Industry and not those of the user getting infected. I don’t have yet an opinion, but as soon as I have one, I’ll post it 😉 Here are links with PROs and CONs arguments: PROs: Joint Blog By amtso http://www.avertlabs.com/research/blog/index.php/2010/07/07/testing-and-accountability/ http://community.norton.com/t5/Norton-Protection-Blog/Testing-and-Accountability/ba-p/247711 http://www.securelist.com/en/blog?weblogid=2224 http://pandalabs.pandasecurity.com/testing-and-accountability/ http://www.eset.com/blog/2010/07/07/testing-and-accountability A related blog was published on the AVIEN blog CONs: The AMTSO Melee Anti Malware Testing Standards Organization: a dissenting view AMTSO: a serious attempt to clean up anti-malware testing; or just a great big con? (please read the discussion thread there !!!)
Just have a look at the screenshot… The problem is that they allow any registered user to post whatever he/she wants without any moderation. This is also my post with a reply to the spammer’s post.